FYI. The vendor claims that the issue is only in the demo version.
==================================================
Date: Mon, 04 Dec 2006 07:40:41 -0800
From: ECOMMERCEMAX SOLUTIONS
To: cve at mitre.org
Subject: CVE-2006-5957
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5957
This is an inaccurate report for one of our products. The
vulnerabilities mentioned were never present in our official released
products but only in the unofficial demo version. However we do
appreciate the information. We have update our demo version and made
sure all those vulnerabilities are fixed. Please remove the
corresponding page from your site at the soonest possible time as it
does not reflect the real status of our product.
Sincerely,
Ecommercemax Solutions